﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web.Mvc;

namespace SRF.Security
{
    public class Authorize : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            //检验是否请求的url是否允许访问
            if (!SecurityContext.IsLogin || !SecurityContext.HasUrlGrant())
            {
                filterContext.Result = new HttpUnauthorizedResult(); // 返回未授权result 
            }
            else
            {
                base.OnAuthorization(filterContext);
            }
        }
    }
}